package com.xinyue.system.utils;

import com.xinyue.common.constant.Constants;
import com.xinyue.common.constant.HttpStatus;
import com.xinyue.common.exception.ServiceException;
import com.xinyue.common.utils.StringUtils;
import com.xinyue.system.model.LoginUser;
import java.util.Collection;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.util.PatternMatchUtils;

/**
 * 安全服务工具类
 *
 * @author ruoyi
 */
public class SecurityUtils {

  /**
   * 用户ID
   **/
  public static Long getUserId() {
    try {
      return getLoginUser().getUserId();
    } catch (Exception e) {
      throw new ServiceException("获取用户ID异常", HttpStatus.UNAUTHORIZED);
    }
  }

  /**
   * 获取部门ID
   **/
  public static Long getDeptId() {
    try {
      return getLoginUser().getDeptId();
    } catch (Exception e) {
      throw new ServiceException("获取部门ID异常", HttpStatus.UNAUTHORIZED);
    }
  }

  /**
   * 获取用户账户
   **/
  public static String getUsername() {
    try {
      return getLoginUser().getUsername();
    } catch (Exception e) {
      throw new ServiceException("获取用户账户异常", HttpStatus.UNAUTHORIZED);
    }
  }

  /**
   * 获取用户
   **/
  public static LoginUser getLoginUser() {
    try {
      return (LoginUser) getAuthentication().getPrincipal();
    } catch (Exception e) {
      throw new ServiceException("获取用户信息异常", HttpStatus.UNAUTHORIZED);
    }
  }

  /**
   * 获取Authentication
   */
  public static Authentication getAuthentication() {
    return SecurityContextHolder.getContext().getAuthentication();
  }

  /**
   * 生成BCryptPasswordEncoder密码
   *
   * @param password 密码
   * @return 加密字符串
   */
  public static String encryptPassword(String password) {
    BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
    return passwordEncoder.encode(password);
  }

  /**
   * 判断密码是否相同
   *
   * @param rawPassword     真实密码
   * @param encodedPassword 加密后字符
   * @return 结果
   */
  public static boolean matchesPassword(String rawPassword, String encodedPassword) {
    BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
    return passwordEncoder.matches(rawPassword, encodedPassword);
  }

  /**
   * 是否为管理员
   *
   * @param userId 用户ID
   * @return 结果
   */
  public static boolean isAdmin(Long userId) {
    return userId != null && 1L == userId;
  }

  /**
   * 验证用户是否具备某权限
   *
   * @param permission 权限字符串
   * @return 用户是否具备某权限
   */
  public static boolean hasPermi(String permission) {
    return hasPermi(getLoginUser().getPermissions(), permission);
  }

  /**
   * 判断是否包含权限
   *
   * @param authorities 权限列表
   * @param permission  权限字符串
   * @return 用户是否具备某权限
   */
  public static boolean hasPermi(Collection<String> authorities, String permission) {
    return authorities.stream().filter(StringUtils::hasText)
        .anyMatch(x -> Constants.ALL_PERMISSION.equals(x) || PatternMatchUtils.simpleMatch(x,
            permission));
  }

}
